Commit Graph

218 Commits

Author SHA1 Message Date
Howard Chu
bf0373b486 Add conn->c_sasl_authz_dn, store SASL authzDN separately from authcDN 2005-04-03 09:38:53 +00:00
Howard Chu
2da2336ac6 Reorganiza SLAPD_CRYPT and SLAPD_SPASSWD support for better reentrancy 2005-03-18 06:06:38 +00:00
Howard Chu
89210b7100 Added ldap_pvt_sasl_secprops_unparse, slap_sasl_secprops_unparse 2005-03-01 11:42:31 +00:00
Howard Chu
dfb6f870f6 Rearrange, merge sasl config back into main config 2005-02-20 06:47:54 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
2f5e17d056 improve usability of global ovrlays for write operations; may need to anticipate SLAPI accordingly. More work needed for add (overlays need to understand they're global and call slap_mods2entry() explicitly) 2004-12-11 17:48:15 +00:00
Pierangelo Masarati
f3a959970e hardcode "uid" into slapd & improve previous commit 2004-12-07 10:01:48 +00:00
Pierangelo Masarati
cc78fb525b ITS#3419: values in built auth DNs may need DN escaping, so build them via ldap_dn2bv 2004-12-06 15:17:23 +00:00
Howard Chu
90cc409325 Split Operation into Opheader and op 2004-11-25 22:59:00 +00:00
Kurt Zeilenga
38c7e86d67 ITS#3311: check sasl_auxprop_add_plugin return
cleanup
2004-10-11 20:52:31 +00:00
Howard Chu
7e87f54716 Revert ITS#3353 patch, it needs to be reworked. 2004-10-06 05:51:38 +00:00
Howard Chu
fda3d6260e ITS#3353 consolidate slapd globals into a single struct 2004-10-01 07:33:16 +00:00
Pierangelo Masarati
761f287943 multiple precision with BIGNUM/gmp/ulong 2004-09-26 22:58:47 +00:00
Jong Hyuk Choi
98dc97bcb9 memory leak fixes 2004-09-11 02:02:09 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
b29808f4ae cleanup function name in log 2004-07-20 00:32:43 +00:00
Pierangelo Masarati
b94d5e17e2 rework op/rs structures to deal with opeartional attributes 2004-07-18 21:44:29 +00:00
Pierangelo Masarati
d1b692ceb4 clarify no limits in (internal) searches 2004-06-12 11:33:21 +00:00
Kurt Zeilenga
1372965d89 ITS#3092: Rename sl_free() and friends to slap_sl_free() 2004-04-20 03:44:57 +00:00
Kurt Zeilenga
a54900be42 s/saslAuthz/authz/ 2004-04-16 06:12:13 +00:00
Pierangelo Masarati
3643d5fc16 cleanup 2004-04-14 17:47:53 +00:00
Pierangelo Masarati
c846d75b8b lots of cleanup 2004-04-13 16:47:23 +00:00
Howard Chu
76453e82ea Cleanup, fix for SASL/PLAIN 2004-04-07 15:26:25 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Howard Chu
49da68a2bb ITS#3048 delete sasl_checkpass support 2004-04-05 11:23:47 +00:00
Howard Chu
4a8bb3991f ITS#2961 check for NULL authcDN 2004-03-02 18:37:49 +00:00
Howard Chu
2d0af83c71 ITS#2934 - don't touch conn->c_sasl_dn for Simple Binds 2004-02-26 11:48:34 +00:00
Kurt Zeilenga
57a7682f40 Fix typo in slap_auxprop_init() (should not impact behavior) (ITS#2909)
found by Nalin Dahyabhai (Redhat).
2004-01-08 01:14:04 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
c7f1759e80 Misc cleanup 2003-12-30 01:26:38 +00:00
Howard Chu
8aaaad0dd7 Revert to simple authzID behavior 2003-12-23 14:27:54 +00:00
Kurt Zeilenga
e9133952fb Move experimental built-in SASL behind SLAP_BUILTIN_SASL macro 2003-12-18 20:01:47 +00:00
Pierangelo Masarati
42d7d6d743 propagate flags to sasl-regexp functions (will need it later) 2003-12-18 18:32:45 +00:00
Kurt Zeilenga
9647ccd945 Completely untested built-in EXTERNAL implementation
Needs identity mapping and proxy authorization support
2003-12-18 06:52:39 +00:00
Pierangelo Masarati
2d948c7106 fix a couple of (too optimistic) comments... 2003-12-16 14:25:36 +00:00
Pierangelo Masarati
4602c935f7 saslAuthzTo/From stuff
when comparing IDs to saslAuthzTo/From values, the saslAuthzTo
saslAuthzFrom values can take different forms:

dn[.<style>]:<pattern>

<style> ::= 	exact		; exact match
		children	; children of <pattern> match
		subtree		; <pattern> or children of <pattern> match
		regex		; <pattern> is regcomp() & regexec()
if no <style>, then exact is assumed

u[.<mech>][/<realm>]:<user>

when parsing a proxyAuthz value, only exact DN is allowed,
and no <mech> can be specified.  <user> cannot contain ':'
and <mech> cannot contain '/'.
2003-12-13 23:02:59 +00:00
Howard Chu
0d8613c274 Use c_authmech when c_sasl_bind_mech is empty 2003-12-13 22:43:01 +00:00
Kurt Zeilenga
dbc37977f2 Look for the '@' in userid@realm in reverse so that a@b@c results
in userid of a@b and realm of c.
2003-12-13 17:25:59 +00:00
Pierangelo Masarati
6e5ddd6420 note a potential problem 2003-12-13 17:21:17 +00:00
Pierangelo Masarati
5a00f25542 conn must be non-null 2003-12-13 15:29:49 +00:00
Howard Chu
be1a728c5b Added sc_next and sc_cleanup to slap_callback 2003-12-07 08:51:23 +00:00
Howard Chu
42d8c0a39d Added slap_null_cb 2003-12-01 12:03:20 +00:00
Howard Chu
0a5f1e8516 #ifdef for slap_auxprop_store 2003-11-29 23:01:56 +00:00
Kurt Zeilenga
f0cd57eb9b cleanup 2003-11-29 22:37:07 +00:00
Pierangelo Masarati
e30a736354 clarify auxprop_store member type 2003-11-29 17:50:50 +00:00
Howard Chu
ddd056158e Add auxprop_store support for Cyrus SASL 2.1.16+ 2003-11-29 07:02:16 +00:00
Kurt Zeilenga
4e15a84452 Updated notices 2003-11-27 01:17:14 +00:00
Howard Chu
f4649fbde3 ITS#2825 fix SASL internal searches 2003-11-13 21:42:28 +00:00
Howard Chu
b5b036d9fb ITS#2762 tweak SASL include paths 2003-10-11 01:24:44 +00:00
Kurt Zeilenga
3e49a9cf6e add "proxy" to "authorization" in a few places 2003-09-19 18:23:37 +00:00